Enterprise Linux Security – Page 4

Enterprise Linux Security Episode 66 – Job Security
In this episode, Jay and Joao discuss another form of security, job security! Throughout the series, we’ve advised and educated on enhancing the security of your enterprise network, but in this episode the focus is on YOU. Specifically, how to safeguard yourself from turnover, raise awareness of your importance to your organization, and how to navigate potential “awkward” conversations that System Administrators may find themselves having with their boss. Don’t miss this episode!

Download links
- MP3 version
- MP3 version (lower bitrate, smaller file size)
- Ogg version
⇨

Read more: Enterprise Linux Security Episode 66 – Job Security
Enterprise Linux Security Episode 65 – Open Source Intelligence Tools (OSINT)
Open Source Intelligence is a very interesting topic – it’s all about the things that might get unknowingly leaked, and this leaked information is perfectly legal to know and possess! The IP address that points to a domain, vacation photos on twitter, or even what you had for lunch can be used against you in order to build a profile. In this episode, Jay and Joao discuss OSINT and some tools that are commonly used to find it.

Download links
- MP3 version
- MP3 version (lower bitrate, lower file size)
- Ogg version
⇨

Read more: Enterprise Linux Security Episode 65 – Open Source Intelligence Tools (OSINT)
Enterprise Linux Security Episode 63 – Their Cloud
According to several sources, and confirmed by Western Digital themselves, there’s been a breach regarding the company’s cloud related offerings, such as “My Cloud” and various cloud-enabled storage products. Many of the details have yet to be revealed, but considering that Western Digital filed a 10-K form with the SEC, it’s very possible that it could be serious. In this episode, Jay and Joao discuss this story so far, with more specific details sure to come.

Download Links
- MP3 version
- MP3 version (lower bitrate, smaller file size)
- Ogg version
Relevant Articles
- Western Digital confirms digital burglary, calls the cops
- Hackers claim vast access to Western Digita
⇨

Read more: Enterprise Linux Security Episode 63 – Their Cloud
Enterprise Linux Security Episode 61 – The Principle of Least Privilege
With the recent takeover of the “Linus Tech Tips” YouTube channel, what can we learn? In this episode, Jay and Joao will discuss some of the ways you can prevent such an event from happening to you (and it’s not just YouTube that’s a target).

Download Links
- MP3 version
- MP3 version (lower bitrate, smaller size)
- Ogg version
⇨

Read more: Enterprise Linux Security Episode 61 – The Principle of Least Privilege
Enterprise Linux Security Episode 59 – AlmaLinux OS
AlmaLinux OS was created around the time of “that big CentOS” announcement, and has been a worthy solution for enterprises that wish to continue with Enterprise Linux, but without the fear of the distribution being changed into something else entirely. As a drop-in replacement for Red Hat, AlmaLinux OS continues to tackle new ground and builds a strong community. In this video, Jay and Joao are joined by Atalay Kelestemur who works on the project to discuss this distribution – and there may even be some surprises in store.

Download Links
- MP3 version
- MP3 version (smaller file, lower bitrate)
- Ogg version
Relevant Articles
- ELevate (migration utility for switching between RHEL derivatives)
- AlmaCare (enterprise support for AlmaLinux OS)
⇨

Read more: Enterprise Linux Security Episode 59 – AlmaLinux OS
Enterprise Linux Security Episode 58 – Tales from the Red Team
Tasks that penetration testers and security analysis perform in order to expose security weaknesses may seem like a mysterious and complicated art. Most of the time, these tasks are considered “secret sauce” and unless you work for a red team, you may not be aware of what it may look like while someone attempts to gain access from the outside. In this episode, Jay and Joao discuss a report released by CISA, that provides a very detailed account at what goes into this type of work. This report is definitely a must-read, and this episode is a must-listen!

Download Links
- MP3 version
- MP3 version (smaller file, lower bitrate)
- Ogg version
Relevant Articles
- CISA Red Team Shares Key Findings to Improve Monitoring and Hardening of Networks
- Ticket Granting Tickets (one of the strategies used by CISA)https://learnlinux.link/golden-ticket
⇨

Read more: Enterprise Linux Security Episode 58 – Tales from the Red Team
Enterprise Linux Security Episode 53 – Digital Twins
By using clever infrastructure engineering strategies to increase reliability, you can minimize disruption and downtime for your organization. Another technique to consider is the concept of Digital Twin – having a full system clone/mirror you can use to test enhancements, perform a root-cause analysis, or more. In this episode, Jay and Joao discuss Digital Twins and how the concept can potentially help your organization.

Download Links
- MP3 version
- MP3 version (smaller file, lower bitrate)
- Ogg version
Relevant Articles
- Digital Twin (Wikipedia article)
- More malicious packages posted to online repository. This time it’s PyPI
⇨

Read more: Enterprise Linux Security Episode 53 – Digital Twins
Enterprise Linux Security Episode 50 – The Many Faces of Patching
When it comes to patching, were you aware that there’s more than one type of patch? In this episode of Enterprise Linux Security, Jay and Joao discuss the various types of patching that’s performed today.

Download Links
Relevant Articles
- The Many Faces of Patching
⇨

Read more: Enterprise Linux Security Episode 50 – The Many Faces of Patching
Enterprise Linux Security Episode 49 – The Code is Open, But Who’s Looking at It?
Open-Source is great – with code being open, everyone has access to it. That means that the code can be audited – and that makes it more secure, right? Well, possibly. In the recent talk “The Code is Open, But Who’s Looking at it?” Joao discusses the concept in detail. This talk was recorded at OSAD 2022. New episodes of Enterprise Linux Security will resume after the holidays. But for now, enjoy the talk!

Download Links
- MP3 version
- MP3 version (lower bitrate, smaller file)
- Ogg versio
⇨

Read more: Enterprise Linux Security Episode 49 – The Code is Open, But Who’s Looking at It?
Enterprise Linux Security Episode 48 – New Malware, Old Vulnerabilities
While it’s certainly never a good thing to become the victim of a cyber-attack, it can be even more embarrassing if the CVE the threat actor used to get a foothold into your systems was patched a long time ago. In this episode, Jay and Joao discuss malware that’s currently taking advantage of vulnerabilities that were patched over a year ago! As important as software updates happen to be, why are so many organizations unable to keep up with them?

Download Links
- MP3 version
- MP3 version (lower bitrate, smaller file)
- Ogg version
Relevant Articles
- Shikitega – New stealthy malware targeting Linux
⇨

Read more: Enterprise Linux Security Episode 48 – New Malware, Old Vulnerabilities
Enterprise Linux Security Episode 46 – Monitoring
If you’re in charge of maintaining servers and related equipment, what should you monitor? While monitoring is something that will grow and expand over time, Jay and Joao will give you some tips in this episode to get you started. Check out this episode for some tips on some of the baseline checks you should implement with your monitoring solution of choice.

Download Links
⇨

Read more: Enterprise Linux Security Episode 46 – Monitoring
Enterprise Linux Security Episode 44 – Is Linux less of a Target?
In this episode, Jay and Joao discuss how much of a target Linux is, as well as some myths surrounding Linux and security. Also, there will be some news updates as well.

Relevant Articles
- White House Releases Software Supply Chain Security Guidance
- White House Supply Chain Memo (PDF)
Download Links
⇨

Read more: Enterprise Linux Security Episode 44 – Is Linux less of a Target?